2880 Siem Jobs - Page 2

Greetings From TCS!! Position : Zscaler Analyst Experience : 4+ years Location : Walkin Interviews on 21st Jun(saturday) at below location Hyderabad TCS Synergy Park Phase1 ,Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Chennai TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Job Description : Maintain Content Filtering / Proxy configurations Implement, Test and Validate Content Filtering configuration changes. Perform testing of necessary web filtering policies. Troubleshoot Content Filtering/ Proxy policy configurations. Provide web filtering reports when requested through Service Management Submit Service Management requests for blacklisting/ whitelisting or modifying web filtering policies. Processes request(s) tickets that are assigned to the content filtering support groups in Service Management. Resolve incident ticket(s) to restore service within specified Service Level Agreements (SLAs). Work on action tasks for Problem Management process. Implement configuration and system changes following Service Management change management process. Provide and maintain documentation for Web content filtering services. Manage the Zscaler Internet Access minor and major patches by working closely with Zscalar team who will be applying patches on Zscalar cloud based ZIA ZPA Daily review of Client ZPA dashboard Review Dashboard for errors and issues Log tickets for unexpected errors as they may be symptoms of larger errors (i.e. a server is down) Provide checks in dashboard to monitor for discovered servers Ensure log are forwarded to Client SIEM Monitor for unexpected blocks and errors Monitor for connector usage (500mps/connector) Review access related tickets from end users Assist in implementing micro-segmentation of policy Ensure that Connectors update every week, primary then secondary by working closely with Zscaler Regards, Divya Jillidimudi Show more Show less

TransUnion's Job Applicant Privacy Notice What We'll Bring This role is a member of the larger Threat Detection Services organization, and will work alongside teams responsible for red teaming, intelligence analysis, and technical threat researchers. The individual filling this role will act as a senior leader within the organization helping to drive detection and response maturity, enable proactive monitoring strategies and participate in a wide range of larger cyber defense program activities. What You'll Bring Provide prolonged, in-depth analysis of potential intrusions or security events, leveraging various data artifacts to determine the context of an event. Hands on security alerts creation and maintenance, workload automation. Maintain accurate and complete records of incidents and investigations. Execute incident response processes to respond to security threats and attacks. Create detection and mitigation rules based on indicators of compromise that align with industry threats. Assist in the design, evaluation, and implementation of new security technologies. Update incident response playbooks to minimize gaps in response processes. Extract and analyze malware to determine their nature. This may include either static code analysis or runtime/execution analysis or both. Experience in Platform engineering/Content engineering Understanding agile methodology/SDLC hands on Scripting Language, preferably Python Impact You'll Make 10+ years of Network/Security/Incident Response experience. Advanced Operating System and Network knowledge. Experience identifying, investigating, and responding to complex attacks Experience with investigative technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools Knowledge of at least one scripting language. Any Security related certification(s) Ability to work independently as well as collaboratively within a team. Ability to quickly grasp high-level technical concepts. Good communication and interpersonal skills. SANS SEC503: Intrusion Detection In-Depth (nice to have) SANS SEC504: Hacker Techniques, Exploits & Incident Handling (nice to have) This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week. TransUnion Job Title Advisor, InfoSec Engineering Show more Show less

TransUnion's Job Applicant Privacy Notice What We'll Bring This role is a member of the larger Threat Detection Services organization, and will work alongside teams responsible for red teaming, intelligence analysis, and technical threat researchers. The individual filling this role will act as a senior leader within the organization helping to drive detection and response maturity, enable proactive monitoring strategies and participate in a wide range of larger cyber defense program activities. What You'll Bring Provide prolonged, in-depth analysis of potential intrusions or security events, leveraging various data artifacts to determine the context of an event. Hands on security alerts creation and maintenance, workload automation. Maintain accurate and complete records of incidents and investigations. Execute incident response processes to respond to security threats and attacks. Create detection and mitigation rules based on indicators of compromise that align with industry threats. Assist in the design, evaluation, and implementation of new security technologies. Update incident response playbooks to minimize gaps in response processes. Extract and analyze malware to determine their nature. This may include either static code analysis or runtime/execution analysis or both. Experience in Platform engineering/Content engineering Understanding agile methodology/SDLC hands on Scripting Language, preferably Python Impact You'll Make 10+ years of Network/Security/Incident Response experience. Advanced Operating System and Network knowledge. Experience identifying, investigating, and responding to complex attacks Experience with investigative technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools Knowledge of at least one scripting language. Any Security related certification(s) Ability to work independently as well as collaboratively within a team. Ability to quickly grasp high-level technical concepts. Good communication and interpersonal skills. SANS SEC503: Intrusion Detection In-Depth (nice to have) SANS SEC504: Hacker Techniques, Exploits & Incident Handling (nice to have) This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week. TransUnion Job Title Advisor, InfoSec Engineering Show more Show less

TransUnion's Job Applicant Privacy Notice What We'll Bring This role is a member of the larger Threat Detection Services organization, and will work alongside teams responsible for red teaming, intelligence analysis, and technical threat researchers. The individual filling this role will act as a senior leader within the organization helping to drive detection and response maturity, enable proactive monitoring strategies and participate in a wide range of larger cyber defense program activities. What You'll Bring Provide prolonged, in-depth analysis of potential intrusions or security events, leveraging various data artifacts to determine the context of an event. Hands on security alerts creation and maintenance, workload automation. Maintain accurate and complete records of incidents and investigations. Execute incident response processes to respond to security threats and attacks. Create detection and mitigation rules based on indicators of compromise that align with industry threats. Assist in the design, evaluation, and implementation of new security technologies. Update incident response playbooks to minimize gaps in response processes. Extract and analyze malware to determine their nature. This may include either static code analysis or runtime/execution analysis or both. Experience in Platform engineering/Content engineering Understanding agile methodology/SDLC hands on Scripting Language, preferably Python Impact You'll Make 10+ years of Network/Security/Incident Response experience. Advanced Operating System and Network knowledge. Experience identifying, investigating, and responding to complex attacks Experience with investigative technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools Knowledge of at least one scripting language. Any Security related certification(s) Ability to work independently as well as collaboratively within a team. Ability to quickly grasp high-level technical concepts. Good communication and interpersonal skills. SANS SEC503: Intrusion Detection In-Depth (nice to have) SANS SEC504: Hacker Techniques, Exploits & Incident Handling (nice to have) This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week. TransUnion Job Title Advisor, InfoSec Engineering Show more Show less

Solution Engineer - Cybersecurity Location : Hyderabad, Bangalore Employment Type : Full-Time Experience : 8+ years (Hands-on Experience) Desired Qualification : B.Tech or BE in Computers / MCA. Certifications such as CISSP, CEH, GCIH, OSCP, OSCE are a plus. Job Requirements Minimum 3 years of experience in a large-scale IT environment focusing on Cyber/Information Security. Expertise in Pre-Sales support, Service & Solution delivery, and Program Management (Transition & Transformation). Strong knowledge of security technologies including SIEM, SOAR, Threat Hunting, EDR, Deception, NTA, NBAD, and UEBA. Hands-on experience (3+ years) with leading analytical platforms like Splunk, IBM QRadar, Hunters, Sumo Logic, and Sentinel. Familiarity with additional security tools such as Email Security Gateway, SOAR, IPS/IDS, Proxy, EDR, TI, DLP, CASB, and PAM is an advantage. Deep understanding of Detection Engineering and the MITRE ATT&CK Framework. Strong proficiency in OS (Linux, Windows) and Networking. Analytical and problem-solving skills with an ability to assess security challenges effectively. Up-to-date knowledge of IT/OT industry trends and Security Best Practices. Expertise in Digital Forensics, Malware Assessment, Incident Response, and Threat Hunting. Strong interpersonal and communication skills, both verbal and written. Ability to collaborate with organizational and client stakeholders to identify and implement security solutions. Job Responsibilities : Define, plan, and implement cybersecurity solutions tailored to organizational needs. Conduct gap analysis to assess and improve an organization's security posture. Develop detailed security requirements and design cybersecurity solutions. Perform technical proof-of-concept (POC) demonstrations to validate security solutions. Translate technical security solutions into business values aligned with organizational objectives. Respond to complex RFPs, delivering customized security solutions that meet client needs. Execute thorough design and implementation of security solutions across various industries. Conduct competitive analysis, security workshops, and executive presentations. Design and present customized cybersecurity solutions based on client requirements. Collaborate with cross-functional teams to ensure seamless service delivery of cybersecurity solutions. Develop threat scenarios and use cases based on industry-specific attack patterns. Nice to Have : Ethical hacking certifications such as CISSP, GCIH, or equivalent training are highly preferred. (ref:hirist.tech) Show more Show less

Responsibilities As a Vulnerability Management and Threat Intel Specialist, you will be a key member of our cybersecurity team responsible for managing and enhancing our vulnerability management program. Leveraging your extensive experience with Qualys and other vulnerability assessment tools you will play a critical role in identifying, prioritizing, and mitigating security vulnerabilities across our environments. Lead the development and implementation of the vulnerability management strategy, policies, and procedures. Conduct regular vulnerability assessments and penetration tests using Qualys and other industry-standard tools to identify security weaknesses in networks, systems, and applications. Analyze scan results and prioritize vulnerabilities based on severity, exploitability, and potential impact. Collaborate with cross-functional teams to develop and implement remediation plans to address identified vulnerabilities in a timely manner. Stay abreast of emerging cyber threats, vulnerabilities, and industry best practices to continually improve the effectiveness of the vulnerability management program. Prepare and present reports on vulnerability assessment findings, remediation progress, and overall program effectiveness to senior management and clients. Monitor, analyze, and investigate emerging cyber threats, vulnerabilities, and attack trends using CloudSEK and Mandiant. Conduct dark web monitoring to identify potential threats, data leaks, or malicious activities targeting the organization. Correlate threat intelligence findings with security incidents using SIEM and collaborate with the SOC team for proactive threat detection. Contribute to threat-hunting activities by leveraging TTPs from frameworks like MITRE ATT&CK. Analyze indicators of compromise and develop actionable intelligence to strengthen security defenses. Assist in automating threat intelligence workflows using SOAR platforms. Prepare intelligence reports and brief senior management on emerging threats and their potential Skills : Hands-on experience with Qualys (or other VA tools like Tenable, Rapid7) for vulnerability assessment and scanning. Strong analytical skills to interpret scan results, false positives, and emerging threats. Strong understanding of CVSS scoring, risk-based vulnerability prioritization, and exploitability analysis. Experience in conducting penetration tests and security assessments. Familiarity with compliance frameworks (NIST, CIS, ISO 27001, PCI-DSS) related to vulnerability management. Scripting skills for automating scanning and reporting workflows are a plus. Experience with threat intelligence tools (CloudSEK, Mandiant, Recorded Future, ThreatConnect, etc.). Understanding of dark web monitoring, malware analysis, and cyber threat landscapes. Hands-on knowledge of SIEM and SOAR. Familiarity with MITRE ATT&CK framework, cyber kill chain, and intelligence-sharing platforms Strong analytical skills for correlating threat intelligence with security incidents. (ref:hirist.tech) Show more Show less

Techvantage.ai is a next-generation technology and product engineering company at the forefront of innovation in Generative AI, Agentic AI, and autonomous intelligent systems. We build intelligent, secure, and scalable digital platforms that power the future of AI across industries. Role Overview We are looking for a Senior Security Specialist with 8+ years of experience in cybersecurity, cloud security, and application security. You will be responsible for identifying, mitigating, and preventing threats across our technology landscape - particularly in AI-powered, data-driven environments. This role involves leading penetration testing efforts, managing vulnerability assessments, and implementing best-in-class security tools and practices to protect our platforms and clients. Key Responsibilities Design and implement robust security architectures for cloud-native and on-prem environments. Conduct penetration testing (internal/external, network, application, API) and deliver clear remediation strategies. Perform regular vulnerability assessments using industry-standard tools and frameworks. Lead threat modeling and risk assessments across systems, services, and data pipelines. Collaborate with development and DevOps teams to integrate security in SDLC and CI/CD pipelines (DevSecOps). Define and enforce security policies, incident response procedures, and access controls. Monitor for security breaches and investigate security events using SIEM and forensic tools. Ensure compliance with global standards such as ISO 27001, SOC 2, GDPR, and HIPAA. Provide guidance on secure implementation of AI/ML components and data protection strategies. Requirements 8+ years of experience in information security, application security, or cybersecurity engineering. Proficient in penetration testing methodologies and use of tools such as Burp Suite, Metasploit, Nmap, Wireshark, Nessus, OWASP ZAP, Qualys, etc. Deep experience in vulnerability management, patching, and security hardening practices. Strong understanding of OWASP Top 10, CWE/SANS Top 25, API security, and secure coding principles. Hands-on experience with cloud security (AWS, Azure, or GCP), IAM, firewalls, WAFs, encryption, and endpoint security. Familiarity with SIEM, EDR, IDS/IPS, and DLP solutions. Knowledge of DevSecOps and tools like Terraform, Kubernetes, Docker, etc. Excellent problem-solving, analytical, and incident-handling capabilities. Preferred Qualifications Certifications such as CISSP, CISM, CEH, OSCP, or AWS Security Specialty. Experience working on security aspects of AI/ML platforms, data pipelines, or model inferencing. Familiarity with governance and compliance frameworks (e.g, PCI-DSS, HIPAA). Experience in secure agile product environments and threat modeling techniques. What We Offer A mission-critical role securing next-gen AI systems. Opportunity to work with an innovative and fast-paced tech company. High visibility and leadership opportunities in a growing security function. Compensation is not a constraint for the right candidate. (ref:hirist.tech) Show more Show less

Role Responsibilities Monitor and analyze security events and incidents using advanced security tools to identify potential threats, vulnerabilities, and suspicious activities. Recognize potential, successful, and unsuccessful intrusion attempts Conduct in-depth analysis of security incidents, leveraging various sources of threat intelligence, to determine the scope and impact of security threats and incidents. Stay up to date with the latest cybersecurity news and trends, and provide insights and recommendations to enhance our security posture. Engage with various teams to expand your knowledge of the environment Research new and evolving threats that have the potential to impact the environment Serve on the incident response team for major or high-profile security incidents in tandem with external providers. Propose procedural updates and process improvements Be an escalation point for the SOC of Experience : Minimum 4 years experience in Cybersecurity or related Requirements : Requirements Due to the nature of 24x7 SOC monitoring requirements, this position requires, subject to compliance with applicable laws, occasional weekend work and alternate shifts as needed to ensure adequate coverage and meet the demands of our Requirements : Certifications such as CISSP and CEH are desirable Knowledge of cybersecurity principles, concepts, and practices Knowledge of networks, firewalls, and operating systems Strong analytical and problem solving skills, with the ability to collate and interpret data from various sources, assess complex security issues, and propose effective solutions. Experience with security incident detection and response Familiarity with security technologies, such as SIEM, IDS/IPS, firewalls, endpoint protection, and vulnerability scanners. Familiarity with industry standards and frameworks, such as NIST Cybersecurity Framework and ISO Values : Strong interpersonal, oral, and written communication and collaboration skills Strong organizational skills including the ability to adapt to shifting priorities and meet frequent deadlines Proactive approach to problem-solving with strong judgment and decision-making capability. Highly resourceful and collaborative team-player, with the ability to also be independently effective and exude initiative and a sense of urgency. Exemplifies our customer-focused, action-oriented, results-driven culture. Forward looking thinker, who actively seeks opportunities, has a desire for continuous learning, and proposes solutions. Ability to act with discretion and maintain complete confidentiality. Dedicated to the firms values of non-negotiable integrity, valuing our people, exceeding client expectations, and embracing intellectual curiosity (ref:hirist.tech) Show more Show less

Job Overview St. Fox is looking for a proactive and seasoned L2 - Next-Gen SIEM Security Engineer to join our skilled team in Bengaluru/Pune. This onsite role involves direct collaboration at our esteemed customer's location, offering a stimulating environment with substantial opportunities to enhance your professional growth and technical expertise. You will be instrumental in the administration, management, and optimization of cutting-edge Next-Gen SIEM/EDR platforms, focusing on threat hunting, detection rule development, and fostering a strong security : Administer and provide comprehensive management support for CrowdStrike Next-Gen SIEM/EDR solutions, ensuring their optimal performance and configuration. Perform proactive threat research and threat hunting to identify emerging tactics, techniques, and procedures (TTPs) and translate these insights into actionable detection requirements using an intelligence-driven approach. Develop, thoroughly test, and deploy high-fidelity CrowdStrike Next-Gen SIEM detection rules to enhance the customer's security monitoring capabilities. Collaborate effectively with Security Analysts to create detailed playbooks for triage and response specifically for actionable high-fidelity detections, streamlining incident handling. Work closely with SIEM architects to develop and define best practices for parsing and normalizing data to a common event schema, ensuring consistency and usability of security logs. Build and maintain utilities and tools to enable the managed security services team to operate quickly, efficiently, and at a large scale. Analyze security data, such as logs or packet captures, from various sources within the enterprise environment and draw accurate conclusions regarding past and potential future security incidents. Develop and maintain clear, concise processes and documentation for all security operations, configurations, and incident response Skills & Qualifications : B.Tech/B.E/BCS, BCA with sound technical skills. Minimum 5+ years of hands-on experience supporting SIEM/SOAR platforms, Threat Hunting, and various Security solutions and technologies. Strong command of both verbal and written English language. Demonstrated ability to combine technical acumen with critical thinking abilities to solve complex security challenges. Strong interpersonal and presentation skills, capable of articulating technical concepts to diverse Skills : Certification in any of the SIEM platforms (Splunk, Sentinel, QRadar, Elastic SIEM). Certifications such as CEH (Certified Ethical Hacker), CompTIA Security+, CompTIA Network+, CCNA (Cisco Certified Network Associate). Direct experience with CrowdStrike products, particularly their SIEM/EDR capabilities. Experience with incident response processes and procedures. Knowledge of scripting languages for automation (e.g., Python) (ref:hirist.tech) Show more Show less

Join a Leading Cybersecurity Innovator for a Strong Future. Job Overview Deploy, configure, and manage the CyberArk Privileged Access Management (PAM) solution, including the CyberArk Vault, CPM, PSM, and PTA. Design and implement secure access policies, password vaulting, session monitoring, and privileged access controls across various systems and platforms. Install, configure, and maintain CyberArk components, ensuring the highest levels of security and efficiency. Monitor the performance of the CyberArk infrastructure and troubleshoot issues as they arise. Implement proactive monitoring of the CyberArk systems to ensure availability, reliability, and security of the privileged access management solutions. Integrate CyberArk with other enterprise security tools and systems, such as SIEM, MFA, Active Directory, and other identity management solutions. Collaborate with other teams (e.g, network security, application security) to improve security posture and manage privileged access across the organization. Provide expert-level support for incidents related to CyberArk, including troubleshooting and providing resolutions to security issues. Respond to security incidents and work to mitigate any risks involving privileged access or compromised credentials. Requirements 3-5 years of hands-on experience with CyberArk Privileged Access Management solutions. Experience with CyberArk Vault, CPM, PSM, PTA, and related components. Strong knowledge of network and system security principles. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field (preferred). Personal Attributes Self-motivated with the ability to work independently and as part of a team. Strong attention to detail and a proactive approach to problem-solving. Willingness to learn and grow in the information security field. About the Company : (www.acpl.com) : We at ACPL are Cyber Security specialists and help corporates with their complete cycle of setting up the Cyber security platform. Right from selecting the adaptable security tools to the deployment of the same and then providing dedicated cybersecurity services. Established in 1990, ACPL is the developer of India's first antivirus software "SmartDog". We offer our services and solutions by integrating complex technologies offered by the leading IT companies through strategic partnerships. Our solutions and services are majorly focused on the most challenging industry verticals like BFSI, Manufacturing, Telecommunication, Retail, Healthcare, IT/ ITES, Power, Media Education, Distribution and more. We are $70 million company with PAN India presence with services across ASIA and a branch office in Singapore and Australia. We are a team of 300+ highly qualified professionals having certifications like CISSP , CISA , GICH etc. Apart from winning various Industry awards and recognitions ACPL is 100% RBA Compliant and a certified "Great place to work". (ref:hirist.tech) Show more Show less

SOC Analyst L2 We are hiring an experienced SOC Analyst L2 for managing advanced security threats, conducting deep-dive investigations, and leading incident response initiatives. This role requires a strong background in multi-scanning, CDR solutions, and incident handling Analyze and respond to advanced security threats and alerts. Lead incident investigations and perform root cause analysis. Configure, tune, and optimize SIEM tools (IBM QRadar). Guide and mentor L1 analysts during incident triage and resolution. Maintain playbooks, response procedures, and threat intelligence reports. Collaborate with cross-functional teams on remediation Skills & Qualifications : Bachelors or Masters degree in Computer Science, Computer Engineering, or equivalent. Minimum of 5 years of SOC experience, with at least 1 year in multi-scanning or similar technologies. Proficiency with SIEM tools like IBM QRadar. Experience with CDR tools, network monitoring, and forensic analysis. Knowledge of malware detection and remediation techniques. Excellent problem-solving and analytical skills (ref:hirist.tech) Show more Show less

Job Description We are seeking a Level 1 SOC Analyst to monitor and analyze security incidents and maintain security posture using SIEM tools such as IBM QRadar. The ideal candidate will have solid experience in handling multi-scanning and CDR (Content Disarm and Reconstruction) Responsibilities : Monitor and triage security alerts generated from SIEM tools (IBM QRadar). Perform Level 1 incident analysis and escalate as required. Operate and maintain multi-scanning tools and CDR solutions. Analyze log data for security anomalies and threat detection. Maintain incident tracking and ensure timely closure. Document and maintain SOPs for incident handling. Required Skills & Qualifications Bachelors or Masters degree in Computer Science, Computer Engineering, or related technical discipline. Minimum of 3 years of experience in a SOC environment. Strong understanding of SIEM tools, preferably IBM QRadar. Exposure to network security tools and threat detection methods. Strong analytical and troubleshooting skills. Good communication and documentation abilities (ref:hirist.tech) Show more Show less

Junior Presales About Kanoo Elite Kanoo Elite is a GCC (Gulf Cooperation Council) based global level consulting and outsourcing firm leveraging deep technology expertise, strong industry experience and a comprehensive portfolio of services. We have constantly strengthened the proposition of providing an end-to-end experience to customers with strong strategy and design skills, implementation and technical abilities and industry leading sustenance models. The Position Roles & Responsibilities : The role holder will be responsible for leading customer discussion on analysing Cyber Security requirements. Proactively and accurately identify prospect pain and propose right solutions. Engage with customers as a trusted advisor, listening and understanding their challenges and requirement both technical and business, and clearly articulate and communicate to the sales and governance team and document them. Research and develop appropriate working solution and value proposition, engaging with the respective solution principal, distributors, OEM and service team to address customer requirement. Scope and clearly translate defined requirements, proposed solutions and value proposition into proposals/Statement of Work (SOW), building project plans, conducting reviews with the technical team on the project progress. Proposal writing, expertise in MS word, MS Excel, presentation, understanding of various security technologies, coordinating with sales team, OEMs and distributors. Be the solution owner, taking lead and working with cross-functioning team Experience in conducting demo and PoC / PoV is a plus. Ensure personal technical, communication and commercial skills are kept up to date to ensure successful execution of role, e. maintaining CPE, attending training and webinars. Partner with sales team to generate leads. Negotiate and contract closing by providing support to the Sales Team. Technical Skills Required Technical implementations on security technologies or presales experience is highly desirable. Technical knowledge of security technologies across multiple domains such as Firewall, Network IPS, SIEM, DLP, Cloud Security etc, information security concepts and familiar with security products (Checkpoint, Palo Alto, Cisco, Splunk, McAfee, Symantec etc) is a plus. Professional security related qualifications will have an advantage. Competencies Required Excellent oral and written communication skills Strong leadership abilities. Good analytical capability. Articulation skills to demonstrate the technical capabilities of the product. An intelligent, articulate, consensus building, and persuasive team player who can serve as an effective member of a dynamic pursuit team is a plus. Negotiation skills. Results oriented individual with ability to effectively manage multiple priorities and time lines. Fluency in English is a must. Work Experience & Educational Qualifications Must have degree in Computer Science, Engineering or Information Systems or related, with a focus or major in IT Security being highly desirable. Must have at least 2 years of strong hands-on experience in IT Security with an exposure to technical solutioning and presales. 3- 5 years of experience of a comparable cyber security pre-sales/technical role. (ref:hirist.tech) Show more Show less

Job Title : Senior Security Control Advisor & SOC SME Level 3. Location : Pune. Employment Type : Full-Time. About The Role As the senior Security SME, youll play a varied role within the Security Operations Center (SOC), providing Security Control advice to the business for IT architectures, applying your hands-on security tool experience to enhance the security tool maturity, assisting the SOC. You'll play a critical role in safeguarding our organization against evolving cyber threats. As a key escalation point between Level 2 analysts and SOC management, you'll leverage your advanced technical skills to perform in-depth incident investigations, proactive threat hunting, security gap-analysis, expanding the security capability where needed. This role offers the opportunity to enhance our security posture, utilizing and developing security tools/technologies and contributing to wider Security company mandates. Responsibilities Advanced Threat Detection & Analysis : Be the primary person for Security Control advice within IT Architectures Document Security Controls & Principles per-architecture requirements Define and enhance security tools matrix Serve as the primary escalation point for complex security incidents, validating and enhancing Level 1 findings, and ensuring accurate incident classification. Conduct thorough investigations of suspicious activities, correlating logs across diverse security platforms (SIEM, EDR, network monitoring) to identify and respond to advanced threats. Develop and refine SIEM correlation rules and detection logic, leveraging threat intelligence to identify and mitigate emerging threats proactively. Lead proactive threat-hunting exercises, utilizing the MITRE ATT&CK framework and threat intelligence platforms to uncover hidden threats. Utilise threat intelligence platforms to enhance incident response, threat hunting, and vulnerability management. Incident Response & Digital Forensics Lead incident containment, eradication, and recovery efforts, collaborating with cross-functional teams throughout the incident response lifecycle. Perform detailed disk, memory, and network forensics to pinpoint attack vectors and root causes, contributing to post-incident analysis and lessons learned. Extract and analyze Indicators of Compromise (IoCs) and adversary Tactics, Techniques, and Procedures (TTPs) to enhance future threat detection and response. Utilize incident response playbooks to ensure consistent and effective incident handling. Required Skills & Experience 6+ years of experience in a SOC environment, with a focus on Level 3 responsibilities. Expertise In EDR/XDR solutions (Sophos, CrowdStrike, SentinelOne, Microsoft Defender). Incident response frameworks (NIST, SANS, MITRE ATT&CK). Advanced experience with security monitoring tools especially logging and monitoring, SIEM, Security infrastructure Ability to analyse security logs and vulnerability scan results to identify suspicious activity and potential vulnerabilities. Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to work effectively in a team environment. Networking concepts (TCP/IP, DNS, etc.) Log analysis and correlation. Malware analysis and reverse engineering. Documentation to clearly explain technical details. Proven experience securing cloud environments (AWS, Azure, or GCP), including implementing and managing security controls for specific services. Preferred Certifications GIAC Certified Incident Handler (GCIH). CompTIA Security+, Network+, or similar certifications. Cloud Security Architect qualifications. Experience with incident response frameworks (e., NIST). Experience with ticketing systems. (ref:hirist.tech) Show more Show less

Job Description We're looking for a Software Engineer to join our team. In this role, you'll build integrations between different cybersecurity platforms and third-party systems. You'll use both specialized low-code/no-code tools for quick development and Python scripting for more complex needs. Your work will directly support our security analysts by ensuring they have the correct data and automation to detect and respond to threats : Research and Evaluate APIs : Research and evaluate APIs from third-party platforms (e. g., SIEMs, threat intelligence providers, logging tools, etc. ) to identify the most relevant integrations for our Security Operations Center (SOC) Analysts. Design and Develop Integrations : Design, develop, and deploy secure and scalable API integrations that bring real-time data and insights into the Metron Security ecosystem. API Interaction and Data Management : Make robust API calls to third-party platforms to extract existing data and generate new data or actions on those platforms. API Protocol Expertise : Work with RESTful APIs and OpenAPI/Swagger specification to define and integrate APIs efficiently. Custom Scripting : Utilize Python scripting for complex data transformations, custom business logic, and advanced automation. Collaboration : Collaborate closely with Security Analysts and Backend Engineers to thoroughly understand SOC workflows and deliver features that directly enhance threat visibility and response capabilities. Command-Line Proficiency : Leverage the command-line interface (CLI) for API testing, automation, deployment, and debugging tasks (e. g., using curl, httpie, jq, and Bash scripting). Code Quality : Write clean, maintainable, and well-documented code, adhering to best security and software development practices. Requirements API Expertise : Strong analytical and problem-solving skills with a proven ability to evaluate third-party APIs, understand their utility, and map them to security operations needs. API Protocols : Hands-on experience with API protocols and specifications, including REST and OpenAPI/Swagger. Programming Proficiency : Proficiency in Python for scripting, custom logic, and advanced automation, with comfort in other languages like Go, Java, or Node.js a plus. Authentication and Authorization : Practical experience with various authentication and authorization mechanisms : Basic Auth, OAuth 2.0 (including different flows), JWT, and API Keys. Command-Line Tools : Comfortable and experienced working with CLI tools such as curl, httpie, jq, and scripting environments like Bash for API interaction and debugging. Version Control : Familiarity with version control systems (e. g., Git) and collaborative development workflows. Problem-Solving : Excellent analytical and problem-solving skills with a logical approach to integration challenges. Communication : Strong verbal and written communication skills to articulate technical concepts to both technical and non-technical audiences. Nice-to-Have Skills Experience in building integrations with specific cybersecurity platforms, such as EDRs, SIEMs, SOARs, and Vulnerability Management tools. Knowledge of data modeling and data transformation, along with their best practices. Understanding of cloud platforms (AWS, Azure, GCP) and their API ecosystems. Experience with continuous integration/continuous deployment (CI/CD) pipelines. (ref:hirist.tech) Show more Show less

Key Responsibilities Overall 3-6 years experience in network security with at least 3 years in managing PIM/PAM solutions. Proficiency with management PIM/PAM Experience in working with Windows, Linux, Unix environments. Hands-on experience in commissioning and Implementation of PIM/PAM solutions and integrating with various management and authentication authorization tools (email, AD, IAM, SIEM) Experience in automating processes using scripting, configuration (SOAR) tools Experience in managing policies and exceptions Experience in packet capture, analysis, and troubleshooting tools Product knowledge of PIM/PAM solution. Incident, problem, service request management, change management, configuration management &capacity management of PIM/PAM Setup Proactively utilize network monitoring tools to isolate events before service degradation occurs Supporting incident monitoring and incident analysis/response initiatives Coordinate with users to ensure timely and satisfactory resolution for any trouble tickets, troubleshooting layers 1, 2, and 3 of the OSI Model. Troubleshooting network, transport, session, presentation and applications layers Conducting daily performance checks on devices, periodic audits and compliance Performing immediate troubleshooting as the situation dictates for any network outages as reported by users, sensors, and/or operational personnel Implement, and maintain network security policy, standards, and procedures. Deploying and maintaining access and security policies for PIM/PAM solutions. Maintaining service levels as well as oversight of the day-to-day configuration, administration and monitoring of the network security infrastructure in a 24/7. (ref:hirist.tech) Show more Show less

Experience : 3+years. Location : Nagpur. Notice period : 30days. Mandatory skills : SOC, Qradar , Endpoint corwdstrike. Job Description Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Should have experience in Developing new correlation rules & Parser writing. Experience in Log source integration. Act as the lead coordinator to individual information security incidents. Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Center. Document incidents from initial detection through final resolution. Participate in security incident management and vulnerability management processes. Coordinate with IT teams on escalations, tracking, performance issues, and outages. Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Communicate effectively with customers, teammates, and management. Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation. Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies. Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures. Follow ITIL practices regarding incident, problem and change management. Staying up-to-date with emerging security threats including applicable regulatory security requirements. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate. Publish weekly reports to applicable teams. Generate monthly reports on SOC activity. Secondary skills : AV, HIPS, DCS, VA/ PT desirable. (ref:hirist.tech) Show more Show less

About The Role Minimum 2-4 years of experience in Security Operations Centre Experience across SOC domains use case creation, incident management, threat hunting, threat intelligence etc. Solid understanding of cyber security, network security, end point security concepts Good understanding of recent cyber threats, latest attack vectors Must have experience in any one SIEM (Splunk), EDR and SOAR solution Must have experience in leading/managing SOC shifts Experience in shift roster creation, resource management etc. Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management etc.

Job Posting Title : Advisor - Threat Detection Services This role is a member of the larger Threat Detection Services organization, and will work alongside teams responsible for red teaming, intelligence analysis, and technical threat researchers. The individual filling this role will act as a senior leader within the organization helping to drive detection and response maturity, enable proactive monitoring strategies and participate in a wide range of larger cyber defense program activities. Job Description : Provide prolonged, in-depth analysis of potential intrusions or security events, leveraging various data artifacts to determine the context of an event. Hands on security alerts creation and maintenance, workload automation. Maintain accurate and complete records of incidents and investigations. Execute incident response processes to respond to security threats and attacks. Create detection and mitigation rules based on indicators of compromise that align with industry threats. Assist in the design, evaluation, and implementation of new security technologies. Update incident response playbooks to minimize gaps in response processes. Extract and analyze malware to determine their nature. This may include either static code analysis or runtime/execution analysis or both. Experience in Platform engineering/Content engineering Understanding agile methodology/SDLC hands on Scripting Language, preferably Python Additional Job Description Additional Job Description 10+ years of Network/Security/Incident Response experience. Advanced Operating System and Network knowledge. Experience identifying, investigating, and responding to complex attacks Experience with investigative technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools Knowledge of at least one scripting language. Any Security related certification(s) Ability to work independently as well as collaboratively within a team. Ability to quickly grasp high-level technical concepts. Good communication and interpersonal skills. SANS SEC503: Intrusion Detection In-Depth (nice to have) SANS SEC504: Hacker Techniques, Exploits & Incident Handling (nice to have) Show more Show less

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. We are looking for a Security Engineer to join our team focused on protecting Microsoft’s customers operating in regulated industries such as healthcare, finance etc. Our team is responsible for designing and implementing scalable, resilient, and compliant security solutions that address the unique challenges faced by highly regulated sectors. In this role, you will collaborate closely with engineering, compliance, and product teams to ensure security is built into the core of our services, supporting industry-specific frameworks like HIPAA, PCI-DSS, and more. You will lead efforts in threat detection and incident readiness, helping to drive Microsoft’s commitment to trusted cloud services. The ideal candidate will bring deep technical expertise, a solid security background, and a passion for enabling secure digital transformation for some of the world’s most sensitive and critical environments. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Responsibilities Analyze security alerts and incidents. Lead incident response, containment, eradication, and recovery efforts. Document and report findings. Develop and implement security controls and automation. Monitor threat intelligence feeds for emerging risks and vulnerabilities. Qualifications Education: Bachelor’s or Master's degree in Cybersecurity, Computer Science, or related field. Experience: 1-3 years in Security Operations (SOC), Incident Response, or Threat Intelligence. Strong knowledge of SIEM, EDR/XDR, cloud security (Azure/AWS), and vulnerability management. Proficiency in scripting languages (Python, PowerShell) for security automation. Experience with secure coding practices and integrating security into DevOps pipelines. Excellent communication and collaboration skills. Industry certifications such as SC-100, CEH, Security+ (preferred). Preferred Qualifications Education: Bachelor’s or Master's degree in Cybersecurity, Computer Science, or related field. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations. Show more Show less

SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. This SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack Preferred technical and professional experience Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings. Constantly contribute to SOC runbooks/playbooks Recommend improvements to automations, alert fidelity, and security controls. Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures

SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings. Constantly contribute to SOC runbooks/playbooks Recommend improvements to automations, alert fidelity, and security controls. Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures Preferred technical and professional experience SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. This SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis

Lead & focus: Demonstrate clear & calm leadership, setting the tone for each response Command and coordinate a response to security incidents, relevant threats, and high profile security events Scope a response to the next best actions Ensure response is sustainable for all resources involved Support beyond normal shift hours in an emergency or during times of staff shortage Coordinate & communicate: Delegate tasks in a timely manner and manage them to closure Facilitate incident / threat resolution through prompt communication across multiple teams Document status and regularly communicate updates to stakeholders and senior management Develop and track key metrics and reporting related to incident management Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Incident Response, Soc Management Preferred technical and professional experience Threat Hunting

Analysing cyber-IOCs, APTs, MITRE ATT&CK TTPs, attack vectors, adversary TTPs, and cyber threat intelligence topics and translating these into actionable intelligence Develop, maintain, and update a repository of cyber threat information that is used in conducting risk assessments and reports on cyber risk trends. Conducts research and evaluates intelligence data, with emphasis on TTP's. Good Experience in Development and documenting of threat Intelligence procedures into playbooks. Experience on Threat Research Reports for Strategic, Tactical, and Operational intelligence Focusing on intent, objectives, and activity of cyber threat actors and then acting accordingly. Perform ad-hoc intelligence gathering using OSINT tools and techniques Able to apply creative and critical thinking when approaching issues and in resolving them. Able to communicate effectively with technical, operational, and senior client staff. Required education Bachelor's Degree Required technical and professional expertise Analysing cyber-IOCs, APTs, MITRE ATT&CK TTPs, attack vectors, adversary TTPs, and cyber threat intelligence topics and translating these into actionable intelligence Develop, maintain, and update a repository of cyber threat information that is used in conducting risk assessments and reports on cyber risk trends. Conducts research and evaluates intelligence data, with emphasis on TTP's. Good Experience in Development and documenting of threat Intelligence procedures into playbooks. Experience on Threat Research Reports for Strategic, Tactical, and Operational intelligence Focusing on intent, objectives, and activity of cyber threat actors and then acting accordingly. Perform ad-hoc intelligence gathering using OSINT tools and techniques Preferred technical and professional experience Able to apply creative and critical thinking when approaching issues and in resolving them. Able to communicate effectively with technical, operational, and senior client staff.

Senior SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. This Senior SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Senior SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack Preferred technical and professional experience Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings. Constantly contribute to SOC runbooks/playbooks Recommend improvements to automations, alert fidelity, and security controls. Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures